]> git.proxmox.com Git - proxmox-backup.git/blob - src/bin/proxmox-backup-client.rs
projects / proxmox-backup.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
bump version to 1.0.3-1
[proxmox-backup.git] / src / bin / proxmox-backup-client.rs
1 use std::collections::{HashSet, HashMap};
2 use std::convert::TryFrom;
3 use std::io::{self, Read, Write, Seek, SeekFrom};
4 use std::os::unix::io::{FromRawFd, RawFd};
5 use std::path::{Path, PathBuf};
6 use std::pin::Pin;
7 use std::sync::{Arc, Mutex};
8 use std::task::Context;
9
10 use anyhow::{bail, format_err, Error};
11 use futures::future::FutureExt;
12 use futures::stream::{StreamExt, TryStreamExt};
13 use serde_json::{json, Value};
14 use tokio::sync::mpsc;
15 use xdg::BaseDirectories;
16
17 use pathpatterns::{MatchEntry, MatchType, PatternFlag};
18 use proxmox::{
19 tools::{
20 time::{strftime_local, epoch_i64},
21 fs::{file_get_contents, file_get_json, replace_file, CreateOptions, image_size},
22 },
23 api::{
24 api,
25 ApiHandler,
26 ApiMethod,
27 RpcEnvironment,
28 schema::*,
29 cli::*,
30 },
31 };
32 use pxar::accessor::{MaybeReady, ReadAt, ReadAtOperation};
33
34 use proxmox_backup::tools;
35 use proxmox_backup::api2::access::user::UserWithTokens;
36 use proxmox_backup::api2::types::*;
37 use proxmox_backup::api2::version;
38 use proxmox_backup::client::*;
39 use proxmox_backup::pxar::catalog::*;
40 use proxmox_backup::backup::{
41 archive_type,
42 decrypt_key,
43 verify_chunk_size,
44 ArchiveType,
45 AsyncReadChunk,
46 BackupDir,
47 BackupGroup,
48 BackupManifest,
49 BufferedDynamicReader,
50 CATALOG_NAME,
51 CatalogReader,
52 CatalogWriter,
53 ChunkStream,
54 CryptConfig,
55 CryptMode,
56 DataBlob,
57 DynamicIndexReader,
58 FixedChunkStream,
59 FixedIndexReader,
60 IndexFile,
61 MANIFEST_BLOB_NAME,
62 Shell,
63 };
64
65 mod proxmox_backup_client;
66 use proxmox_backup_client::*;
67
68 const ENV_VAR_PBS_FINGERPRINT: &str = "PBS_FINGERPRINT";
69 const ENV_VAR_PBS_PASSWORD: &str = "PBS_PASSWORD";
70
71
72 pub const REPO_URL_SCHEMA: Schema = StringSchema::new("Repository URL.")
73 .format(&BACKUP_REPO_URL)
74 .max_length(256)
75 .schema();
76
77 pub const KEYFILE_SCHEMA: Schema = StringSchema::new(
78 "Path to encryption key. All data will be encrypted using this key.")
79 .schema();
80
81 pub const KEYFD_SCHEMA: Schema = IntegerSchema::new(
82 "Pass an encryption key via an already opened file descriptor.")
83 .minimum(0)
84 .schema();
85
86 const CHUNK_SIZE_SCHEMA: Schema = IntegerSchema::new(
87 "Chunk size in KB. Must be a power of 2.")
88 .minimum(64)
89 .maximum(4096)
90 .default(4096)
91 .schema();
92
93 fn get_default_repository() -> Option<String> {
94 std::env::var("PBS_REPOSITORY").ok()
95 }
96
97 pub fn extract_repository_from_value(
98 param: &Value,
99 ) -> Result<BackupRepository, Error> {
100
101 let repo_url = param["repository"]
102 .as_str()
103 .map(String::from)
104 .or_else(get_default_repository)
105 .ok_or_else(|| format_err!("unable to get (default) repository"))?;
106
107 let repo: BackupRepository = repo_url.parse()?;
108
109 Ok(repo)
110 }
111
112 fn extract_repository_from_map(
113 param: &HashMap<String, String>,
114 ) -> Option<BackupRepository> {
115
116 param.get("repository")
117 .map(String::from)
118 .or_else(get_default_repository)
119 .and_then(|repo_url| repo_url.parse::<BackupRepository>().ok())
120 }
121
122 fn record_repository(repo: &BackupRepository) {
123
124 let base = match BaseDirectories::with_prefix("proxmox-backup") {
125 Ok(v) => v,
126 _ => return,
127 };
128
129 // usually $HOME/.cache/proxmox-backup/repo-list
130 let path = match base.place_cache_file("repo-list") {
131 Ok(v) => v,
132 _ => return,
133 };
134
135 let mut data = file_get_json(&path, None).unwrap_or_else(|_| json!({}));
136
137 let repo = repo.to_string();
138
139 data[&repo] = json!{ data[&repo].as_i64().unwrap_or(0) + 1 };
140
141 let mut map = serde_json::map::Map::new();
142
143 loop {
144 let mut max_used = 0;
145 let mut max_repo = None;
146 for (repo, count) in data.as_object().unwrap() {
147 if map.contains_key(repo) { continue; }
148 if let Some(count) = count.as_i64() {
149 if count > max_used {
150 max_used = count;
151 max_repo = Some(repo);
152 }
153 }
154 }
155 if let Some(repo) = max_repo {
156 map.insert(repo.to_owned(), json!(max_used));
157 } else {
158 break;
159 }
160 if map.len() > 10 { // store max. 10 repos
161 break;
162 }
163 }
164
165 let new_data = json!(map);
166
167 let _ = replace_file(path, new_data.to_string().as_bytes(), CreateOptions::new());
168 }
169
170 pub fn complete_repository(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
171
172 let mut result = vec![];
173
174 let base = match BaseDirectories::with_prefix("proxmox-backup") {
175 Ok(v) => v,
176 _ => return result,
177 };
178
179 // usually $HOME/.cache/proxmox-backup/repo-list
180 let path = match base.place_cache_file("repo-list") {
181 Ok(v) => v,
182 _ => return result,
183 };
184
185 let data = file_get_json(&path, None).unwrap_or_else(|_| json!({}));
186
187 if let Some(map) = data.as_object() {
188 for (repo, _count) in map {
189 result.push(repo.to_owned());
190 }
191 }
192
193 result
194 }
195
196 fn connect(repo: &BackupRepository) -> Result<HttpClient, Error> {
197 connect_do(repo.host(), repo.port(), repo.auth_id())
198 .map_err(|err| format_err!("error building client for repository {} - {}", repo, err))
199 }
200
201 fn connect_do(server: &str, port: u16, auth_id: &Authid) -> Result<HttpClient, Error> {
202 let fingerprint = std::env::var(ENV_VAR_PBS_FINGERPRINT).ok();
203
204 use std::env::VarError::*;
205 let password = match std::env::var(ENV_VAR_PBS_PASSWORD) {
206 Ok(p) => Some(p),
207 Err(NotUnicode(_)) => bail!(format!("{} contains bad characters", ENV_VAR_PBS_PASSWORD)),
208 Err(NotPresent) => None,
209 };
210
211 let options = HttpClientOptions::new()
212 .prefix(Some("proxmox-backup".to_string()))
213 .password(password)
214 .interactive(true)
215 .fingerprint(fingerprint)
216 .fingerprint_cache(true)
217 .ticket_cache(true);
218
219 HttpClient::new(server, port, auth_id, options)
220 }
221
222 async fn view_task_result(
223 client: HttpClient,
224 result: Value,
225 output_format: &str,
226 ) -> Result<(), Error> {
227 let data = &result["data"];
228 if output_format == "text" {
229 if let Some(upid) = data.as_str() {
230 display_task_log(client, upid, true).await?;
231 }
232 } else {
233 format_and_print_result(&data, &output_format);
234 }
235
236 Ok(())
237 }
238
239 async fn api_datastore_list_snapshots(
240 client: &HttpClient,
241 store: &str,
242 group: Option<BackupGroup>,
243 ) -> Result<Value, Error> {
244
245 let path = format!("api2/json/admin/datastore/{}/snapshots", store);
246
247 let mut args = json!({});
248 if let Some(group) = group {
249 args["backup-type"] = group.backup_type().into();
250 args["backup-id"] = group.backup_id().into();
251 }
252
253 let mut result = client.get(&path, Some(args)).await?;
254
255 Ok(result["data"].take())
256 }
257
258 pub async fn api_datastore_latest_snapshot(
259 client: &HttpClient,
260 store: &str,
261 group: BackupGroup,
262 ) -> Result<(String, String, i64), Error> {
263
264 let list = api_datastore_list_snapshots(client, store, Some(group.clone())).await?;
265 let mut list: Vec<SnapshotListItem> = serde_json::from_value(list)?;
266
267 if list.is_empty() {
268 bail!("backup group {:?} does not contain any snapshots.", group.group_path());
269 }
270
271 list.sort_unstable_by(|a, b| b.backup_time.cmp(&a.backup_time));
272
273 let backup_time = list[0].backup_time;
274
275 Ok((group.backup_type().to_owned(), group.backup_id().to_owned(), backup_time))
276 }
277
278 async fn backup_directory<P: AsRef<Path>>(
279 client: &BackupWriter,
280 previous_manifest: Option<Arc<BackupManifest>>,
281 dir_path: P,
282 archive_name: &str,
283 chunk_size: Option<usize>,
284 device_set: Option<HashSet<u64>>,
285 verbose: bool,
286 skip_lost_and_found: bool,
287 catalog: Arc<Mutex<CatalogWriter<crate::tools::StdChannelWriter>>>,
288 exclude_pattern: Vec<MatchEntry>,
289 entries_max: usize,
290 compress: bool,
291 encrypt: bool,
292 ) -> Result<BackupStats, Error> {
293
294 let pxar_stream = PxarBackupStream::open(
295 dir_path.as_ref(),
296 device_set,
297 verbose,
298 skip_lost_and_found,
299 catalog,
300 exclude_pattern,
301 entries_max,
302 )?;
303 let mut chunk_stream = ChunkStream::new(pxar_stream, chunk_size);
304
305 let (mut tx, rx) = mpsc::channel(10); // allow to buffer 10 chunks
306
307 let stream = rx
308 .map_err(Error::from);
309
310 // spawn chunker inside a separate task so that it can run parallel
311 tokio::spawn(async move {
312 while let Some(v) = chunk_stream.next().await {
313 let _ = tx.send(v).await;
314 }
315 });
316
317 let stats = client
318 .upload_stream(previous_manifest, archive_name, stream, "dynamic", None, compress, encrypt)
319 .await?;
320
321 Ok(stats)
322 }
323
324 async fn backup_image<P: AsRef<Path>>(
325 client: &BackupWriter,
326 previous_manifest: Option<Arc<BackupManifest>>,
327 image_path: P,
328 archive_name: &str,
329 image_size: u64,
330 chunk_size: Option<usize>,
331 compress: bool,
332 encrypt: bool,
333 _verbose: bool,
334 ) -> Result<BackupStats, Error> {
335
336 let path = image_path.as_ref().to_owned();
337
338 let file = tokio::fs::File::open(path).await?;
339
340 let stream = tokio_util::codec::FramedRead::new(file, tokio_util::codec::BytesCodec::new())
341 .map_err(Error::from);
342
343 let stream = FixedChunkStream::new(stream, chunk_size.unwrap_or(4*1024*1024));
344
345 let stats = client
346 .upload_stream(previous_manifest, archive_name, stream, "fixed", Some(image_size), compress, encrypt)
347 .await?;
348
349 Ok(stats)
350 }
351
352 #[api(
353 input: {
354 properties: {
355 repository: {
356 schema: REPO_URL_SCHEMA,
357 optional: true,
358 },
359 "output-format": {
360 schema: OUTPUT_FORMAT,
361 optional: true,
362 },
363 }
364 }
365 )]
366 /// List backup groups.
367 async fn list_backup_groups(param: Value) -> Result<Value, Error> {
368
369 let output_format = get_output_format(&param);
370
371 let repo = extract_repository_from_value(&param)?;
372
373 let client = connect(&repo)?;
374
375 let path = format!("api2/json/admin/datastore/{}/groups", repo.store());
376
377 let mut result = client.get(&path, None).await?;
378
379 record_repository(&repo);
380
381 let render_group_path = |_v: &Value, record: &Value| -> Result<String, Error> {
382 let item: GroupListItem = serde_json::from_value(record.to_owned())?;
383 let group = BackupGroup::new(item.backup_type, item.backup_id);
384 Ok(group.group_path().to_str().unwrap().to_owned())
385 };
386
387 let render_last_backup = |_v: &Value, record: &Value| -> Result<String, Error> {
388 let item: GroupListItem = serde_json::from_value(record.to_owned())?;
389 let snapshot = BackupDir::new(item.backup_type, item.backup_id, item.last_backup)?;
390 Ok(snapshot.relative_path().to_str().unwrap().to_owned())
391 };
392
393 let render_files = |_v: &Value, record: &Value| -> Result<String, Error> {
394 let item: GroupListItem = serde_json::from_value(record.to_owned())?;
395 Ok(tools::format::render_backup_file_list(&item.files))
396 };
397
398 let options = default_table_format_options()
399 .sortby("backup-type", false)
400 .sortby("backup-id", false)
401 .column(ColumnConfig::new("backup-id").renderer(render_group_path).header("group"))
402 .column(
403 ColumnConfig::new("last-backup")
404 .renderer(render_last_backup)
405 .header("last snapshot")
406 .right_align(false)
407 )
408 .column(ColumnConfig::new("backup-count"))
409 .column(ColumnConfig::new("files").renderer(render_files));
410
411 let mut data: Value = result["data"].take();
412
413 let info = &proxmox_backup::api2::admin::datastore::API_RETURN_SCHEMA_LIST_GROUPS;
414
415 format_and_print_result_full(&mut data, info, &output_format, &options);
416
417 Ok(Value::Null)
418 }
419
420 #[api(
421 input: {
422 properties: {
423 repository: {
424 schema: REPO_URL_SCHEMA,
425 optional: true,
426 },
427 group: {
428 type: String,
429 description: "Backup group.",
430 },
431 "new-owner": {
432 type: Authid,
433 },
434 }
435 }
436 )]
437 /// Change owner of a backup group
438 async fn change_backup_owner(group: String, mut param: Value) -> Result<(), Error> {
439
440 let repo = extract_repository_from_value(&param)?;
441
442 let mut client = connect(&repo)?;
443
444 param.as_object_mut().unwrap().remove("repository");
445
446 let group: BackupGroup = group.parse()?;
447
448 param["backup-type"] = group.backup_type().into();
449 param["backup-id"] = group.backup_id().into();
450
451 let path = format!("api2/json/admin/datastore/{}/change-owner", repo.store());
452 client.post(&path, Some(param)).await?;
453
454 record_repository(&repo);
455
456 Ok(())
457 }
458
459 #[api(
460 input: {
461 properties: {
462 repository: {
463 schema: REPO_URL_SCHEMA,
464 optional: true,
465 },
466 group: {
467 type: String,
468 description: "Backup group.",
469 optional: true,
470 },
471 "output-format": {
472 schema: OUTPUT_FORMAT,
473 optional: true,
474 },
475 }
476 }
477 )]
478 /// List backup snapshots.
479 async fn list_snapshots(param: Value) -> Result<Value, Error> {
480
481 let repo = extract_repository_from_value(&param)?;
482
483 let output_format = get_output_format(&param);
484
485 let client = connect(&repo)?;
486
487 let group: Option<BackupGroup> = if let Some(path) = param["group"].as_str() {
488 Some(path.parse()?)
489 } else {
490 None
491 };
492
493 let mut data = api_datastore_list_snapshots(&client, repo.store(), group).await?;
494
495 record_repository(&repo);
496
497 let render_snapshot_path = |_v: &Value, record: &Value| -> Result<String, Error> {
498 let item: SnapshotListItem = serde_json::from_value(record.to_owned())?;
499 let snapshot = BackupDir::new(item.backup_type, item.backup_id, item.backup_time)?;
500 Ok(snapshot.relative_path().to_str().unwrap().to_owned())
501 };
502
503 let render_files = |_v: &Value, record: &Value| -> Result<String, Error> {
504 let item: SnapshotListItem = serde_json::from_value(record.to_owned())?;
505 let mut filenames = Vec::new();
506 for file in &item.files {
507 filenames.push(file.filename.to_string());
508 }
509 Ok(tools::format::render_backup_file_list(&filenames[..]))
510 };
511
512 let options = default_table_format_options()
513 .sortby("backup-type", false)
514 .sortby("backup-id", false)
515 .sortby("backup-time", false)
516 .column(ColumnConfig::new("backup-id").renderer(render_snapshot_path).header("snapshot"))
517 .column(ColumnConfig::new("size").renderer(tools::format::render_bytes_human_readable))
518 .column(ColumnConfig::new("files").renderer(render_files))
519 ;
520
521 let info = &proxmox_backup::api2::admin::datastore::API_RETURN_SCHEMA_LIST_SNAPSHOTS;
522
523 format_and_print_result_full(&mut data, info, &output_format, &options);
524
525 Ok(Value::Null)
526 }
527
528 #[api(
529 input: {
530 properties: {
531 repository: {
532 schema: REPO_URL_SCHEMA,
533 optional: true,
534 },
535 snapshot: {
536 type: String,
537 description: "Snapshot path.",
538 },
539 }
540 }
541 )]
542 /// Forget (remove) backup snapshots.
543 async fn forget_snapshots(param: Value) -> Result<Value, Error> {
544
545 let repo = extract_repository_from_value(&param)?;
546
547 let path = tools::required_string_param(&param, "snapshot")?;
548 let snapshot: BackupDir = path.parse()?;
549
550 let mut client = connect(&repo)?;
551
552 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
553
554 let result = client.delete(&path, Some(json!({
555 "backup-type": snapshot.group().backup_type(),
556 "backup-id": snapshot.group().backup_id(),
557 "backup-time": snapshot.backup_time(),
558 }))).await?;
559
560 record_repository(&repo);
561
562 Ok(result)
563 }
564
565 #[api(
566 input: {
567 properties: {
568 repository: {
569 schema: REPO_URL_SCHEMA,
570 optional: true,
571 },
572 }
573 }
574 )]
575 /// Try to login. If successful, store ticket.
576 async fn api_login(param: Value) -> Result<Value, Error> {
577
578 let repo = extract_repository_from_value(&param)?;
579
580 let client = connect(&repo)?;
581 client.login().await?;
582
583 record_repository(&repo);
584
585 Ok(Value::Null)
586 }
587
588 #[api(
589 input: {
590 properties: {
591 repository: {
592 schema: REPO_URL_SCHEMA,
593 optional: true,
594 },
595 }
596 }
597 )]
598 /// Logout (delete stored ticket).
599 fn api_logout(param: Value) -> Result<Value, Error> {
600
601 let repo = extract_repository_from_value(&param)?;
602
603 delete_ticket_info("proxmox-backup", repo.host(), repo.user())?;
604
605 Ok(Value::Null)
606 }
607
608 #[api(
609 input: {
610 properties: {
611 repository: {
612 schema: REPO_URL_SCHEMA,
613 optional: true,
614 },
615 "output-format": {
616 schema: OUTPUT_FORMAT,
617 optional: true,
618 },
619 }
620 }
621 )]
622 /// Show client and optional server version
623 async fn api_version(param: Value) -> Result<(), Error> {
624
625 let output_format = get_output_format(&param);
626
627 let mut version_info = json!({
628 "client": {
629 "version": version::PROXMOX_PKG_VERSION,
630 "release": version::PROXMOX_PKG_RELEASE,
631 "repoid": version::PROXMOX_PKG_REPOID,
632 }
633 });
634
635 let repo = extract_repository_from_value(&param);
636 if let Ok(repo) = repo {
637 let client = connect(&repo)?;
638
639 match client.get("api2/json/version", None).await {
640 Ok(mut result) => version_info["server"] = result["data"].take(),
641 Err(e) => eprintln!("could not connect to server - {}", e),
642 }
643 }
644 if output_format == "text" {
645 println!("client version: {}.{}", version::PROXMOX_PKG_VERSION, version::PROXMOX_PKG_RELEASE);
646 if let Some(server) = version_info["server"].as_object() {
647 let server_version = server["version"].as_str().unwrap();
648 let server_release = server["release"].as_str().unwrap();
649 println!("server version: {}.{}", server_version, server_release);
650 }
651 } else {
652 format_and_print_result(&version_info, &output_format);
653 }
654
655 Ok(())
656 }
657
658
659 #[api(
660 input: {
661 properties: {
662 repository: {
663 schema: REPO_URL_SCHEMA,
664 optional: true,
665 },
666 snapshot: {
667 type: String,
668 description: "Snapshot path.",
669 },
670 "output-format": {
671 schema: OUTPUT_FORMAT,
672 optional: true,
673 },
674 }
675 }
676 )]
677 /// List snapshot files.
678 async fn list_snapshot_files(param: Value) -> Result<Value, Error> {
679
680 let repo = extract_repository_from_value(&param)?;
681
682 let path = tools::required_string_param(&param, "snapshot")?;
683 let snapshot: BackupDir = path.parse()?;
684
685 let output_format = get_output_format(&param);
686
687 let client = connect(&repo)?;
688
689 let path = format!("api2/json/admin/datastore/{}/files", repo.store());
690
691 let mut result = client.get(&path, Some(json!({
692 "backup-type": snapshot.group().backup_type(),
693 "backup-id": snapshot.group().backup_id(),
694 "backup-time": snapshot.backup_time(),
695 }))).await?;
696
697 record_repository(&repo);
698
699 let info = &proxmox_backup::api2::admin::datastore::API_RETURN_SCHEMA_LIST_SNAPSHOT_FILES;
700
701 let mut data: Value = result["data"].take();
702
703 let options = default_table_format_options();
704
705 format_and_print_result_full(&mut data, info, &output_format, &options);
706
707 Ok(Value::Null)
708 }
709
710 #[api(
711 input: {
712 properties: {
713 repository: {
714 schema: REPO_URL_SCHEMA,
715 optional: true,
716 },
717 "output-format": {
718 schema: OUTPUT_FORMAT,
719 optional: true,
720 },
721 },
722 },
723 )]
724 /// Start garbage collection for a specific repository.
725 async fn start_garbage_collection(param: Value) -> Result<Value, Error> {
726
727 let repo = extract_repository_from_value(&param)?;
728
729 let output_format = get_output_format(&param);
730
731 let mut client = connect(&repo)?;
732
733 let path = format!("api2/json/admin/datastore/{}/gc", repo.store());
734
735 let result = client.post(&path, None).await?;
736
737 record_repository(&repo);
738
739 view_task_result(client, result, &output_format).await?;
740
741 Ok(Value::Null)
742 }
743
744 fn spawn_catalog_upload(
745 client: Arc<BackupWriter>,
746 encrypt: bool,
747 ) -> Result<
748 (
749 Arc<Mutex<CatalogWriter<crate::tools::StdChannelWriter>>>,
750 tokio::sync::oneshot::Receiver<Result<BackupStats, Error>>
751 ), Error>
752 {
753 let (catalog_tx, catalog_rx) = std::sync::mpsc::sync_channel(10); // allow to buffer 10 writes
754 let catalog_stream = crate::tools::StdChannelStream(catalog_rx);
755 let catalog_chunk_size = 512*1024;
756 let catalog_chunk_stream = ChunkStream::new(catalog_stream, Some(catalog_chunk_size));
757
758 let catalog = Arc::new(Mutex::new(CatalogWriter::new(crate::tools::StdChannelWriter::new(catalog_tx))?));
759
760 let (catalog_result_tx, catalog_result_rx) = tokio::sync::oneshot::channel();
761
762 tokio::spawn(async move {
763 let catalog_upload_result = client
764 .upload_stream(None, CATALOG_NAME, catalog_chunk_stream, "dynamic", None, true, encrypt)
765 .await;
766
767 if let Err(ref err) = catalog_upload_result {
768 eprintln!("catalog upload error - {}", err);
769 client.cancel();
770 }
771
772 let _ = catalog_result_tx.send(catalog_upload_result);
773 });
774
775 Ok((catalog, catalog_result_rx))
776 }
777
778 fn keyfile_parameters(param: &Value) -> Result<(Option<Vec<u8>>, CryptMode), Error> {
779 let keyfile = match param.get("keyfile") {
780 Some(Value::String(keyfile)) => Some(keyfile),
781 Some(_) => bail!("bad --keyfile parameter type"),
782 None => None,
783 };
784
785 let key_fd = match param.get("keyfd") {
786 Some(Value::Number(key_fd)) => Some(
787 RawFd::try_from(key_fd
788 .as_i64()
789 .ok_or_else(|| format_err!("bad key fd: {:?}", key_fd))?
790 )
791 .map_err(|err| format_err!("bad key fd: {:?}: {}", key_fd, err))?
792 ),
793 Some(_) => bail!("bad --keyfd parameter type"),
794 None => None,
795 };
796
797 let crypt_mode: Option<CryptMode> = match param.get("crypt-mode") {
798 Some(mode) => Some(serde_json::from_value(mode.clone())?),
799 None => None,
800 };
801
802 let keydata = match (keyfile, key_fd) {
803 (None, None) => None,
804 (Some(_), Some(_)) => bail!("--keyfile and --keyfd are mutually exclusive"),
805 (Some(keyfile), None) => {
806 println!("Using encryption key file: {}", keyfile);
807 Some(file_get_contents(keyfile)?)
808 },
809 (None, Some(fd)) => {
810 let input = unsafe { std::fs::File::from_raw_fd(fd) };
811 let mut data = Vec::new();
812 let _len: usize = { input }.read_to_end(&mut data)
813 .map_err(|err| {
814 format_err!("error reading encryption key from fd {}: {}", fd, err)
815 })?;
816 println!("Using encryption key from file descriptor");
817 Some(data)
818 }
819 };
820
821 Ok(match (keydata, crypt_mode) {
822 // no parameters:
823 (None, None) => match key::read_optional_default_encryption_key()? {
824 Some(key) => {
825 println!("Encrypting with default encryption key!");
826 (Some(key), CryptMode::Encrypt)
827 },
828 None => (None, CryptMode::None),
829 },
830
831 // just --crypt-mode=none
832 (None, Some(CryptMode::None)) => (None, CryptMode::None),
833
834 // just --crypt-mode other than none
835 (None, Some(crypt_mode)) => match key::read_optional_default_encryption_key()? {
836 None => bail!("--crypt-mode without --keyfile and no default key file available"),
837 Some(key) => {
838 println!("Encrypting with default encryption key!");
839 (Some(key), crypt_mode)
840 },
841 }
842
843 // just --keyfile
844 (Some(key), None) => (Some(key), CryptMode::Encrypt),
845
846 // --keyfile and --crypt-mode=none
847 (Some(_), Some(CryptMode::None)) => {
848 bail!("--keyfile/--keyfd and --crypt-mode=none are mutually exclusive");
849 }
850
851 // --keyfile and --crypt-mode other than none
852 (Some(key), Some(crypt_mode)) => (Some(key), crypt_mode),
853 })
854 }
855
856 #[api(
857 input: {
858 properties: {
859 backupspec: {
860 type: Array,
861 description: "List of backup source specifications ([<label.ext>:<path>] ...)",
862 items: {
863 schema: BACKUP_SOURCE_SCHEMA,
864 }
865 },
866 repository: {
867 schema: REPO_URL_SCHEMA,
868 optional: true,
869 },
870 "include-dev": {
871 description: "Include mountpoints with same st_dev number (see ``man fstat``) as specified files.",
872 optional: true,
873 items: {
874 type: String,
875 description: "Path to file.",
876 }
877 },
878 "all-file-systems": {
879 type: Boolean,
880 description: "Include all mounted subdirectories.",
881 optional: true,
882 },
883 keyfile: {
884 schema: KEYFILE_SCHEMA,
885 optional: true,
886 },
887 "keyfd": {
888 schema: KEYFD_SCHEMA,
889 optional: true,
890 },
891 "crypt-mode": {
892 type: CryptMode,
893 optional: true,
894 },
895 "skip-lost-and-found": {
896 type: Boolean,
897 description: "Skip lost+found directory.",
898 optional: true,
899 },
900 "backup-type": {
901 schema: BACKUP_TYPE_SCHEMA,
902 optional: true,
903 },
904 "backup-id": {
905 schema: BACKUP_ID_SCHEMA,
906 optional: true,
907 },
908 "backup-time": {
909 schema: BACKUP_TIME_SCHEMA,
910 optional: true,
911 },
912 "chunk-size": {
913 schema: CHUNK_SIZE_SCHEMA,
914 optional: true,
915 },
916 "exclude": {
917 type: Array,
918 description: "List of paths or patterns for matching files to exclude.",
919 optional: true,
920 items: {
921 type: String,
922 description: "Path or match pattern.",
923 }
924 },
925 "entries-max": {
926 type: Integer,
927 description: "Max number of entries to hold in memory.",
928 optional: true,
929 default: proxmox_backup::pxar::ENCODER_MAX_ENTRIES as isize,
930 },
931 "verbose": {
932 type: Boolean,
933 description: "Verbose output.",
934 optional: true,
935 },
936 }
937 }
938 )]
939 /// Create (host) backup.
940 async fn create_backup(
941 param: Value,
942 _info: &ApiMethod,
943 _rpcenv: &mut dyn RpcEnvironment,
944 ) -> Result<Value, Error> {
945
946 let repo = extract_repository_from_value(&param)?;
947
948 let backupspec_list = tools::required_array_param(&param, "backupspec")?;
949
950 let all_file_systems = param["all-file-systems"].as_bool().unwrap_or(false);
951
952 let skip_lost_and_found = param["skip-lost-and-found"].as_bool().unwrap_or(false);
953
954 let verbose = param["verbose"].as_bool().unwrap_or(false);
955
956 let backup_time_opt = param["backup-time"].as_i64();
957
958 let chunk_size_opt = param["chunk-size"].as_u64().map(|v| (v*1024) as usize);
959
960 if let Some(size) = chunk_size_opt {
961 verify_chunk_size(size)?;
962 }
963
964 let (keydata, crypt_mode) = keyfile_parameters(&param)?;
965
966 let backup_id = param["backup-id"].as_str().unwrap_or(&proxmox::tools::nodename());
967
968 let backup_type = param["backup-type"].as_str().unwrap_or("host");
969
970 let include_dev = param["include-dev"].as_array();
971
972 let entries_max = param["entries-max"].as_u64()
973 .unwrap_or(proxmox_backup::pxar::ENCODER_MAX_ENTRIES as u64);
974
975 let empty = Vec::new();
976 let exclude_args = param["exclude"].as_array().unwrap_or(&empty);
977
978 let mut pattern_list = Vec::with_capacity(exclude_args.len());
979 for entry in exclude_args {
980 let entry = entry.as_str().ok_or_else(|| format_err!("Invalid pattern string slice"))?;
981 pattern_list.push(
982 MatchEntry::parse_pattern(entry, PatternFlag::PATH_NAME, MatchType::Exclude)
983 .map_err(|err| format_err!("invalid exclude pattern entry: {}", err))?
984 );
985 }
986
987 let mut devices = if all_file_systems { None } else { Some(HashSet::new()) };
988
989 if let Some(include_dev) = include_dev {
990 if all_file_systems {
991 bail!("option 'all-file-systems' conflicts with option 'include-dev'");
992 }
993
994 let mut set = HashSet::new();
995 for path in include_dev {
996 let path = path.as_str().unwrap();
997 let stat = nix::sys::stat::stat(path)
998 .map_err(|err| format_err!("fstat {:?} failed - {}", path, err))?;
999 set.insert(stat.st_dev);
1000 }
1001 devices = Some(set);
1002 }
1003
1004 let mut upload_list = vec![];
1005 let mut target_set = HashSet::new();
1006
1007 for backupspec in backupspec_list {
1008 let spec = parse_backup_specification(backupspec.as_str().unwrap())?;
1009 let filename = &spec.config_string;
1010 let target = &spec.archive_name;
1011
1012 if target_set.contains(target) {
1013 bail!("got target twice: '{}'", target);
1014 }
1015 target_set.insert(target.to_string());
1016
1017 use std::os::unix::fs::FileTypeExt;
1018
1019 let metadata = std::fs::metadata(filename)
1020 .map_err(|err| format_err!("unable to access '{}' - {}", filename, err))?;
1021 let file_type = metadata.file_type();
1022
1023 match spec.spec_type {
1024 BackupSpecificationType::PXAR => {
1025 if !file_type.is_dir() {
1026 bail!("got unexpected file type (expected directory)");
1027 }
1028 upload_list.push((BackupSpecificationType::PXAR, filename.to_owned(), format!("{}.didx", target), 0));
1029 }
1030 BackupSpecificationType::IMAGE => {
1031 if !(file_type.is_file() || file_type.is_block_device()) {
1032 bail!("got unexpected file type (expected file or block device)");
1033 }
1034
1035 let size = image_size(&PathBuf::from(filename))?;
1036
1037 if size == 0 { bail!("got zero-sized file '{}'", filename); }
1038
1039 upload_list.push((BackupSpecificationType::IMAGE, filename.to_owned(), format!("{}.fidx", target), size));
1040 }
1041 BackupSpecificationType::CONFIG => {
1042 if !file_type.is_file() {
1043 bail!("got unexpected file type (expected regular file)");
1044 }
1045 upload_list.push((BackupSpecificationType::CONFIG, filename.to_owned(), format!("{}.blob", target), metadata.len()));
1046 }
1047 BackupSpecificationType::LOGFILE => {
1048 if !file_type.is_file() {
1049 bail!("got unexpected file type (expected regular file)");
1050 }
1051 upload_list.push((BackupSpecificationType::LOGFILE, filename.to_owned(), format!("{}.blob", target), metadata.len()));
1052 }
1053 }
1054 }
1055
1056 let backup_time = backup_time_opt.unwrap_or_else(|| epoch_i64());
1057
1058 let client = connect(&repo)?;
1059 record_repository(&repo);
1060
1061 println!("Starting backup: {}/{}/{}", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time)?);
1062
1063 println!("Client name: {}", proxmox::tools::nodename());
1064
1065 let start_time = std::time::Instant::now();
1066
1067 println!("Starting backup protocol: {}", strftime_local("%c", epoch_i64())?);
1068
1069 let (crypt_config, rsa_encrypted_key) = match keydata {
1070 None => (None, None),
1071 Some(key) => {
1072 let (key, created, fingerprint) = decrypt_key(&key, &key::get_encryption_key_password)?;
1073 println!("Encryption key fingerprint: {}", fingerprint);
1074
1075 let crypt_config = CryptConfig::new(key)?;
1076
1077 match key::find_master_pubkey()? {
1078 Some(ref path) if path.exists() => {
1079 let pem_data = file_get_contents(path)?;
1080 let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?;
1081 let enc_key = crypt_config.generate_rsa_encoded_key(rsa, created)?;
1082 println!("Master key '{:?}'", path);
1083
1084 (Some(Arc::new(crypt_config)), Some(enc_key))
1085 }
1086 _ => (Some(Arc::new(crypt_config)), None),
1087 }
1088 }
1089 };
1090
1091 let client = BackupWriter::start(
1092 client,
1093 crypt_config.clone(),
1094 repo.store(),
1095 backup_type,
1096 &backup_id,
1097 backup_time,
1098 verbose,
1099 false
1100 ).await?;
1101
1102 let download_previous_manifest = match client.previous_backup_time().await {
1103 Ok(Some(backup_time)) => {
1104 println!(
1105 "Downloading previous manifest ({})",
1106 strftime_local("%c", backup_time)?
1107 );
1108 true
1109 }
1110 Ok(None) => {
1111 println!("No previous manifest available.");
1112 false
1113 }
1114 Err(_) => {
1115 // Fallback for outdated server, TODO remove/bubble up with 2.0
1116 true
1117 }
1118 };
1119
1120 let previous_manifest = if download_previous_manifest {
1121 match client.download_previous_manifest().await {
1122 Ok(previous_manifest) => {
1123 match previous_manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref)) {
1124 Ok(()) => Some(Arc::new(previous_manifest)),
1125 Err(err) => {
1126 println!("Couldn't re-use previous manifest - {}", err);
1127 None
1128 }
1129 }
1130 }
1131 Err(err) => {
1132 println!("Couldn't download previous manifest - {}", err);
1133 None
1134 }
1135 }
1136 } else {
1137 None
1138 };
1139
1140 let snapshot = BackupDir::new(backup_type, backup_id, backup_time)?;
1141 let mut manifest = BackupManifest::new(snapshot);
1142
1143 let mut catalog = None;
1144 let mut catalog_result_tx = None;
1145
1146 for (backup_type, filename, target, size) in upload_list {
1147 match backup_type {
1148 BackupSpecificationType::CONFIG => {
1149 println!("Upload config file '{}' to '{}' as {}", filename, repo, target);
1150 let stats = client
1151 .upload_blob_from_file(&filename, &target, true, crypt_mode == CryptMode::Encrypt)
1152 .await?;
1153 manifest.add_file(target, stats.size, stats.csum, crypt_mode)?;
1154 }
1155 BackupSpecificationType::LOGFILE => { // fixme: remove - not needed anymore ?
1156 println!("Upload log file '{}' to '{}' as {}", filename, repo, target);
1157 let stats = client
1158 .upload_blob_from_file(&filename, &target, true, crypt_mode == CryptMode::Encrypt)
1159 .await?;
1160 manifest.add_file(target, stats.size, stats.csum, crypt_mode)?;
1161 }
1162 BackupSpecificationType::PXAR => {
1163 // start catalog upload on first use
1164 if catalog.is_none() {
1165 let (cat, res) = spawn_catalog_upload(client.clone(), crypt_mode == CryptMode::Encrypt)?;
1166 catalog = Some(cat);
1167 catalog_result_tx = Some(res);
1168 }
1169 let catalog = catalog.as_ref().unwrap();
1170
1171 println!("Upload directory '{}' to '{}' as {}", filename, repo, target);
1172 catalog.lock().unwrap().start_directory(std::ffi::CString::new(target.as_str())?.as_c_str())?;
1173 let stats = backup_directory(
1174 &client,
1175 previous_manifest.clone(),
1176 &filename,
1177 &target,
1178 chunk_size_opt,
1179 devices.clone(),
1180 verbose,
1181 skip_lost_and_found,
1182 catalog.clone(),
1183 pattern_list.clone(),
1184 entries_max as usize,
1185 true,
1186 crypt_mode == CryptMode::Encrypt,
1187 ).await?;
1188 manifest.add_file(target, stats.size, stats.csum, crypt_mode)?;
1189 catalog.lock().unwrap().end_directory()?;
1190 }
1191 BackupSpecificationType::IMAGE => {
1192 println!("Upload image '{}' to '{:?}' as {}", filename, repo, target);
1193 let stats = backup_image(
1194 &client,
1195 previous_manifest.clone(),
1196 &filename,
1197 &target,
1198 size,
1199 chunk_size_opt,
1200 true,
1201 crypt_mode == CryptMode::Encrypt,
1202 verbose,
1203 ).await?;
1204 manifest.add_file(target, stats.size, stats.csum, crypt_mode)?;
1205 }
1206 }
1207 }
1208
1209 // finalize and upload catalog
1210 if let Some(catalog) = catalog {
1211 let mutex = Arc::try_unwrap(catalog)
1212 .map_err(|_| format_err!("unable to get catalog (still used)"))?;
1213 let mut catalog = mutex.into_inner().unwrap();
1214
1215 catalog.finish()?;
1216
1217 drop(catalog); // close upload stream
1218
1219 if let Some(catalog_result_rx) = catalog_result_tx {
1220 let stats = catalog_result_rx.await??;
1221 manifest.add_file(CATALOG_NAME.to_owned(), stats.size, stats.csum, crypt_mode)?;
1222 }
1223 }
1224
1225 if let Some(rsa_encrypted_key) = rsa_encrypted_key {
1226 let target = "rsa-encrypted.key.blob";
1227 println!("Upload RSA encoded key to '{:?}' as {}", repo, target);
1228 let stats = client
1229 .upload_blob_from_data(rsa_encrypted_key, target, false, false)
1230 .await?;
1231 manifest.add_file(target.to_string(), stats.size, stats.csum, crypt_mode)?;
1232
1233 // openssl rsautl -decrypt -inkey master-private.pem -in rsa-encrypted.key -out t
1234 /*
1235 let mut buffer2 = vec![0u8; rsa.size() as usize];
1236 let pem_data = file_get_contents("master-private.pem")?;
1237 let rsa = openssl::rsa::Rsa::private_key_from_pem(&pem_data)?;
1238 let len = rsa.private_decrypt(&buffer, &mut buffer2, openssl::rsa::Padding::PKCS1)?;
1239 println!("TEST {} {:?}", len, buffer2);
1240 */
1241 }
1242 // create manifest (index.json)
1243 // manifests are never encrypted, but include a signature
1244 let manifest = manifest.to_string(crypt_config.as_ref().map(Arc::as_ref))
1245 .map_err(|err| format_err!("unable to format manifest - {}", err))?;
1246
1247
1248 if verbose { println!("Upload index.json to '{}'", repo) };
1249 client
1250 .upload_blob_from_data(manifest.into_bytes(), MANIFEST_BLOB_NAME, true, false)
1251 .await?;
1252
1253 client.finish().await?;
1254
1255 let end_time = std::time::Instant::now();
1256 let elapsed = end_time.duration_since(start_time);
1257 println!("Duration: {:.2}s", elapsed.as_secs_f64());
1258
1259 println!("End Time: {}", strftime_local("%c", epoch_i64())?);
1260
1261 Ok(Value::Null)
1262 }
1263
1264 fn complete_backup_source(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1265
1266 let mut result = vec![];
1267
1268 let data: Vec<&str> = arg.splitn(2, ':').collect();
1269
1270 if data.len() != 2 {
1271 result.push(String::from("root.pxar:/"));
1272 result.push(String::from("etc.pxar:/etc"));
1273 return result;
1274 }
1275
1276 let files = tools::complete_file_name(data[1], param);
1277
1278 for file in files {
1279 result.push(format!("{}:{}", data[0], file));
1280 }
1281
1282 result
1283 }
1284
1285 async fn dump_image<W: Write>(
1286 client: Arc<BackupReader>,
1287 crypt_config: Option<Arc<CryptConfig>>,
1288 crypt_mode: CryptMode,
1289 index: FixedIndexReader,
1290 mut writer: W,
1291 verbose: bool,
1292 ) -> Result<(), Error> {
1293
1294 let most_used = index.find_most_used_chunks(8);
1295
1296 let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, crypt_mode, most_used);
1297
1298 // Note: we avoid using BufferedFixedReader, because that add an additional buffer/copy
1299 // and thus slows down reading. Instead, directly use RemoteChunkReader
1300 let mut per = 0;
1301 let mut bytes = 0;
1302 let start_time = std::time::Instant::now();
1303
1304 for pos in 0..index.index_count() {
1305 let digest = index.index_digest(pos).unwrap();
1306 let raw_data = chunk_reader.read_chunk(&digest).await?;
1307 writer.write_all(&raw_data)?;
1308 bytes += raw_data.len();
1309 if verbose {
1310 let next_per = ((pos+1)*100)/index.index_count();
1311 if per != next_per {
1312 eprintln!("progress {}% (read {} bytes, duration {} sec)",
1313 next_per, bytes, start_time.elapsed().as_secs());
1314 per = next_per;
1315 }
1316 }
1317 }
1318
1319 let end_time = std::time::Instant::now();
1320 let elapsed = end_time.duration_since(start_time);
1321 eprintln!("restore image complete (bytes={}, duration={:.2}s, speed={:.2}MB/s)",
1322 bytes,
1323 elapsed.as_secs_f64(),
1324 bytes as f64/(1024.0*1024.0*elapsed.as_secs_f64())
1325 );
1326
1327
1328 Ok(())
1329 }
1330
1331 fn parse_archive_type(name: &str) -> (String, ArchiveType) {
1332 if name.ends_with(".didx") || name.ends_with(".fidx") || name.ends_with(".blob") {
1333 (name.into(), archive_type(name).unwrap())
1334 } else if name.ends_with(".pxar") {
1335 (format!("{}.didx", name), ArchiveType::DynamicIndex)
1336 } else if name.ends_with(".img") {
1337 (format!("{}.fidx", name), ArchiveType::FixedIndex)
1338 } else {
1339 (format!("{}.blob", name), ArchiveType::Blob)
1340 }
1341 }
1342
1343 #[api(
1344 input: {
1345 properties: {
1346 repository: {
1347 schema: REPO_URL_SCHEMA,
1348 optional: true,
1349 },
1350 snapshot: {
1351 type: String,
1352 description: "Group/Snapshot path.",
1353 },
1354 "archive-name": {
1355 description: "Backup archive name.",
1356 type: String,
1357 },
1358 target: {
1359 type: String,
1360 description: r###"Target directory path. Use '-' to write to standard output.
1361
1362 We do not extraxt '.pxar' archives when writing to standard output.
1363
1364 "###
1365 },
1366 "allow-existing-dirs": {
1367 type: Boolean,
1368 description: "Do not fail if directories already exists.",
1369 optional: true,
1370 },
1371 keyfile: {
1372 schema: KEYFILE_SCHEMA,
1373 optional: true,
1374 },
1375 "keyfd": {
1376 schema: KEYFD_SCHEMA,
1377 optional: true,
1378 },
1379 "crypt-mode": {
1380 type: CryptMode,
1381 optional: true,
1382 },
1383 }
1384 }
1385 )]
1386 /// Restore backup repository.
1387 async fn restore(param: Value) -> Result<Value, Error> {
1388 let repo = extract_repository_from_value(&param)?;
1389
1390 let verbose = param["verbose"].as_bool().unwrap_or(false);
1391
1392 let allow_existing_dirs = param["allow-existing-dirs"].as_bool().unwrap_or(false);
1393
1394 let archive_name = tools::required_string_param(&param, "archive-name")?;
1395
1396 let client = connect(&repo)?;
1397
1398 record_repository(&repo);
1399
1400 let path = tools::required_string_param(&param, "snapshot")?;
1401
1402 let (backup_type, backup_id, backup_time) = if path.matches('/').count() == 1 {
1403 let group: BackupGroup = path.parse()?;
1404 api_datastore_latest_snapshot(&client, repo.store(), group).await?
1405 } else {
1406 let snapshot: BackupDir = path.parse()?;
1407 (snapshot.group().backup_type().to_owned(), snapshot.group().backup_id().to_owned(), snapshot.backup_time())
1408 };
1409
1410 let target = tools::required_string_param(&param, "target")?;
1411 let target = if target == "-" { None } else { Some(target) };
1412
1413 let (keydata, _crypt_mode) = keyfile_parameters(&param)?;
1414
1415 let crypt_config = match keydata {
1416 None => None,
1417 Some(key) => {
1418 let (key, _, fingerprint) = decrypt_key(&key, &key::get_encryption_key_password)?;
1419 println!("Encryption key fingerprint: '{}'", fingerprint);
1420 Some(Arc::new(CryptConfig::new(key)?))
1421 }
1422 };
1423
1424 let client = BackupReader::start(
1425 client,
1426 crypt_config.clone(),
1427 repo.store(),
1428 &backup_type,
1429 &backup_id,
1430 backup_time,
1431 true,
1432 ).await?;
1433
1434 let (manifest, backup_index_data) = client.download_manifest().await?;
1435 manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref))?;
1436
1437 let (archive_name, archive_type) = parse_archive_type(archive_name);
1438
1439 if archive_name == MANIFEST_BLOB_NAME {
1440 if let Some(target) = target {
1441 replace_file(target, &backup_index_data, CreateOptions::new())?;
1442 } else {
1443 let stdout = std::io::stdout();
1444 let mut writer = stdout.lock();
1445 writer.write_all(&backup_index_data)
1446 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
1447 }
1448
1449 return Ok(Value::Null);
1450 }
1451
1452 let file_info = manifest.lookup_file_info(&archive_name)?;
1453
1454 if archive_type == ArchiveType::Blob {
1455
1456 let mut reader = client.download_blob(&manifest, &archive_name).await?;
1457
1458 if let Some(target) = target {
1459 let mut writer = std::fs::OpenOptions::new()
1460 .write(true)
1461 .create(true)
1462 .create_new(true)
1463 .open(target)
1464 .map_err(|err| format_err!("unable to create target file {:?} - {}", target, err))?;
1465 std::io::copy(&mut reader, &mut writer)?;
1466 } else {
1467 let stdout = std::io::stdout();
1468 let mut writer = stdout.lock();
1469 std::io::copy(&mut reader, &mut writer)
1470 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
1471 }
1472
1473 } else if archive_type == ArchiveType::DynamicIndex {
1474
1475 let index = client.download_dynamic_index(&manifest, &archive_name).await?;
1476
1477 let most_used = index.find_most_used_chunks(8);
1478
1479 let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, file_info.chunk_crypt_mode(), most_used);
1480
1481 let mut reader = BufferedDynamicReader::new(index, chunk_reader);
1482
1483 if let Some(target) = target {
1484 proxmox_backup::pxar::extract_archive(
1485 pxar::decoder::Decoder::from_std(reader)?,
1486 Path::new(target),
1487 &[],
1488 true,
1489 proxmox_backup::pxar::Flags::DEFAULT,
1490 allow_existing_dirs,
1491 |path| {
1492 if verbose {
1493 println!("{:?}", path);
1494 }
1495 },
1496 None,
1497 )
1498 .map_err(|err| format_err!("error extracting archive - {}", err))?;
1499 } else {
1500 let mut writer = std::fs::OpenOptions::new()
1501 .write(true)
1502 .open("/dev/stdout")
1503 .map_err(|err| format_err!("unable to open /dev/stdout - {}", err))?;
1504
1505 std::io::copy(&mut reader, &mut writer)
1506 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
1507 }
1508 } else if archive_type == ArchiveType::FixedIndex {
1509
1510 let index = client.download_fixed_index(&manifest, &archive_name).await?;
1511
1512 let mut writer = if let Some(target) = target {
1513 std::fs::OpenOptions::new()
1514 .write(true)
1515 .create(true)
1516 .create_new(true)
1517 .open(target)
1518 .map_err(|err| format_err!("unable to create target file {:?} - {}", target, err))?
1519 } else {
1520 std::fs::OpenOptions::new()
1521 .write(true)
1522 .open("/dev/stdout")
1523 .map_err(|err| format_err!("unable to open /dev/stdout - {}", err))?
1524 };
1525
1526 dump_image(client.clone(), crypt_config.clone(), file_info.chunk_crypt_mode(), index, &mut writer, verbose).await?;
1527 }
1528
1529 Ok(Value::Null)
1530 }
1531
1532 #[api(
1533 input: {
1534 properties: {
1535 repository: {
1536 schema: REPO_URL_SCHEMA,
1537 optional: true,
1538 },
1539 snapshot: {
1540 type: String,
1541 description: "Group/Snapshot path.",
1542 },
1543 logfile: {
1544 type: String,
1545 description: "The path to the log file you want to upload.",
1546 },
1547 keyfile: {
1548 schema: KEYFILE_SCHEMA,
1549 optional: true,
1550 },
1551 "keyfd": {
1552 schema: KEYFD_SCHEMA,
1553 optional: true,
1554 },
1555 "crypt-mode": {
1556 type: CryptMode,
1557 optional: true,
1558 },
1559 }
1560 }
1561 )]
1562 /// Upload backup log file.
1563 async fn upload_log(param: Value) -> Result<Value, Error> {
1564
1565 let logfile = tools::required_string_param(&param, "logfile")?;
1566 let repo = extract_repository_from_value(&param)?;
1567
1568 let snapshot = tools::required_string_param(&param, "snapshot")?;
1569 let snapshot: BackupDir = snapshot.parse()?;
1570
1571 let mut client = connect(&repo)?;
1572
1573 let (keydata, crypt_mode) = keyfile_parameters(&param)?;
1574
1575 let crypt_config = match keydata {
1576 None => None,
1577 Some(key) => {
1578 let (key, _created, _) = decrypt_key(&key, &key::get_encryption_key_password)?;
1579 let crypt_config = CryptConfig::new(key)?;
1580 Some(Arc::new(crypt_config))
1581 }
1582 };
1583
1584 let data = file_get_contents(logfile)?;
1585
1586 // fixme: howto sign log?
1587 let blob = match crypt_mode {
1588 CryptMode::None | CryptMode::SignOnly => DataBlob::encode(&data, None, true)?,
1589 CryptMode::Encrypt => DataBlob::encode(&data, crypt_config.as_ref().map(Arc::as_ref), true)?,
1590 };
1591
1592 let raw_data = blob.into_inner();
1593
1594 let path = format!("api2/json/admin/datastore/{}/upload-backup-log", repo.store());
1595
1596 let args = json!({
1597 "backup-type": snapshot.group().backup_type(),
1598 "backup-id": snapshot.group().backup_id(),
1599 "backup-time": snapshot.backup_time(),
1600 });
1601
1602 let body = hyper::Body::from(raw_data);
1603
1604 client.upload("application/octet-stream", body, &path, Some(args)).await
1605 }
1606
1607 const API_METHOD_PRUNE: ApiMethod = ApiMethod::new(
1608 &ApiHandler::Async(&prune),
1609 &ObjectSchema::new(
1610 "Prune a backup repository.",
1611 &proxmox_backup::add_common_prune_prameters!([
1612 ("dry-run", true, &BooleanSchema::new(
1613 "Just show what prune would do, but do not delete anything.")
1614 .schema()),
1615 ("group", false, &StringSchema::new("Backup group.").schema()),
1616 ], [
1617 ("output-format", true, &OUTPUT_FORMAT),
1618 (
1619 "quiet",
1620 true,
1621 &BooleanSchema::new("Minimal output - only show removals.")
1622 .schema()
1623 ),
1624 ("repository", true, &REPO_URL_SCHEMA),
1625 ])
1626 )
1627 );
1628
1629 fn prune<'a>(
1630 param: Value,
1631 _info: &ApiMethod,
1632 _rpcenv: &'a mut dyn RpcEnvironment,
1633 ) -> proxmox::api::ApiFuture<'a> {
1634 async move {
1635 prune_async(param).await
1636 }.boxed()
1637 }
1638
1639 async fn prune_async(mut param: Value) -> Result<Value, Error> {
1640 let repo = extract_repository_from_value(&param)?;
1641
1642 let mut client = connect(&repo)?;
1643
1644 let path = format!("api2/json/admin/datastore/{}/prune", repo.store());
1645
1646 let group = tools::required_string_param(&param, "group")?;
1647 let group: BackupGroup = group.parse()?;
1648
1649 let output_format = get_output_format(&param);
1650
1651 let quiet = param["quiet"].as_bool().unwrap_or(false);
1652
1653 param.as_object_mut().unwrap().remove("repository");
1654 param.as_object_mut().unwrap().remove("group");
1655 param.as_object_mut().unwrap().remove("output-format");
1656 param.as_object_mut().unwrap().remove("quiet");
1657
1658 param["backup-type"] = group.backup_type().into();
1659 param["backup-id"] = group.backup_id().into();
1660
1661 let mut result = client.post(&path, Some(param)).await?;
1662
1663 record_repository(&repo);
1664
1665 let render_snapshot_path = |_v: &Value, record: &Value| -> Result<String, Error> {
1666 let item: PruneListItem = serde_json::from_value(record.to_owned())?;
1667 let snapshot = BackupDir::new(item.backup_type, item.backup_id, item.backup_time)?;
1668 Ok(snapshot.relative_path().to_str().unwrap().to_owned())
1669 };
1670
1671 let render_prune_action = |v: &Value, _record: &Value| -> Result<String, Error> {
1672 Ok(match v.as_bool() {
1673 Some(true) => "keep",
1674 Some(false) => "remove",
1675 None => "unknown",
1676 }.to_string())
1677 };
1678
1679 let options = default_table_format_options()
1680 .sortby("backup-type", false)
1681 .sortby("backup-id", false)
1682 .sortby("backup-time", false)
1683 .column(ColumnConfig::new("backup-id").renderer(render_snapshot_path).header("snapshot"))
1684 .column(ColumnConfig::new("backup-time").renderer(tools::format::render_epoch).header("date"))
1685 .column(ColumnConfig::new("keep").renderer(render_prune_action).header("action"))
1686 ;
1687
1688 let info = &proxmox_backup::api2::admin::datastore::API_RETURN_SCHEMA_PRUNE;
1689
1690 let mut data = result["data"].take();
1691
1692 if quiet {
1693 let list: Vec<Value> = data.as_array().unwrap().iter().filter(|item| {
1694 item["keep"].as_bool() == Some(false)
1695 }).map(|v| v.clone()).collect();
1696 data = list.into();
1697 }
1698
1699 format_and_print_result_full(&mut data, info, &output_format, &options);
1700
1701 Ok(Value::Null)
1702 }
1703
1704 #[api(
1705 input: {
1706 properties: {
1707 repository: {
1708 schema: REPO_URL_SCHEMA,
1709 optional: true,
1710 },
1711 "output-format": {
1712 schema: OUTPUT_FORMAT,
1713 optional: true,
1714 },
1715 }
1716 },
1717 returns: {
1718 type: StorageStatus,
1719 },
1720 )]
1721 /// Get repository status.
1722 async fn status(param: Value) -> Result<Value, Error> {
1723
1724 let repo = extract_repository_from_value(&param)?;
1725
1726 let output_format = get_output_format(&param);
1727
1728 let client = connect(&repo)?;
1729
1730 let path = format!("api2/json/admin/datastore/{}/status", repo.store());
1731
1732 let mut result = client.get(&path, None).await?;
1733 let mut data = result["data"].take();
1734
1735 record_repository(&repo);
1736
1737 let render_total_percentage = |v: &Value, record: &Value| -> Result<String, Error> {
1738 let v = v.as_u64().unwrap();
1739 let total = record["total"].as_u64().unwrap();
1740 let roundup = total/200;
1741 let per = ((v+roundup)*100)/total;
1742 let info = format!(" ({} %)", per);
1743 Ok(format!("{} {:>8}", v, info))
1744 };
1745
1746 let options = default_table_format_options()
1747 .noheader(true)
1748 .column(ColumnConfig::new("total").renderer(render_total_percentage))
1749 .column(ColumnConfig::new("used").renderer(render_total_percentage))
1750 .column(ColumnConfig::new("avail").renderer(render_total_percentage));
1751
1752 let schema = &API_RETURN_SCHEMA_STATUS;
1753
1754 format_and_print_result_full(&mut data, schema, &output_format, &options);
1755
1756 Ok(Value::Null)
1757 }
1758
1759 // like get, but simply ignore errors and return Null instead
1760 async fn try_get(repo: &BackupRepository, url: &str) -> Value {
1761
1762 let fingerprint = std::env::var(ENV_VAR_PBS_FINGERPRINT).ok();
1763 let password = std::env::var(ENV_VAR_PBS_PASSWORD).ok();
1764
1765 let options = HttpClientOptions::new()
1766 .prefix(Some("proxmox-backup".to_string()))
1767 .password(password)
1768 .interactive(false)
1769 .fingerprint(fingerprint)
1770 .fingerprint_cache(true)
1771 .ticket_cache(true);
1772
1773 let client = match HttpClient::new(repo.host(), repo.port(), repo.auth_id(), options) {
1774 Ok(v) => v,
1775 _ => return Value::Null,
1776 };
1777
1778 let mut resp = match client.get(url, None).await {
1779 Ok(v) => v,
1780 _ => return Value::Null,
1781 };
1782
1783 if let Some(map) = resp.as_object_mut() {
1784 if let Some(data) = map.remove("data") {
1785 return data;
1786 }
1787 }
1788 Value::Null
1789 }
1790
1791 fn complete_backup_group(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1792 proxmox_backup::tools::runtime::main(async { complete_backup_group_do(param).await })
1793 }
1794
1795 async fn complete_backup_group_do(param: &HashMap<String, String>) -> Vec<String> {
1796
1797 let mut result = vec![];
1798
1799 let repo = match extract_repository_from_map(param) {
1800 Some(v) => v,
1801 _ => return result,
1802 };
1803
1804 let path = format!("api2/json/admin/datastore/{}/groups", repo.store());
1805
1806 let data = try_get(&repo, &path).await;
1807
1808 if let Some(list) = data.as_array() {
1809 for item in list {
1810 if let (Some(backup_id), Some(backup_type)) =
1811 (item["backup-id"].as_str(), item["backup-type"].as_str())
1812 {
1813 result.push(format!("{}/{}", backup_type, backup_id));
1814 }
1815 }
1816 }
1817
1818 result
1819 }
1820
1821 pub fn complete_group_or_snapshot(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1822 proxmox_backup::tools::runtime::main(async { complete_group_or_snapshot_do(arg, param).await })
1823 }
1824
1825 async fn complete_group_or_snapshot_do(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1826
1827 if arg.matches('/').count() < 2 {
1828 let groups = complete_backup_group_do(param).await;
1829 let mut result = vec![];
1830 for group in groups {
1831 result.push(group.to_string());
1832 result.push(format!("{}/", group));
1833 }
1834 return result;
1835 }
1836
1837 complete_backup_snapshot_do(param).await
1838 }
1839
1840 fn complete_backup_snapshot(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1841 proxmox_backup::tools::runtime::main(async { complete_backup_snapshot_do(param).await })
1842 }
1843
1844 async fn complete_backup_snapshot_do(param: &HashMap<String, String>) -> Vec<String> {
1845
1846 let mut result = vec![];
1847
1848 let repo = match extract_repository_from_map(param) {
1849 Some(v) => v,
1850 _ => return result,
1851 };
1852
1853 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
1854
1855 let data = try_get(&repo, &path).await;
1856
1857 if let Some(list) = data.as_array() {
1858 for item in list {
1859 if let (Some(backup_id), Some(backup_type), Some(backup_time)) =
1860 (item["backup-id"].as_str(), item["backup-type"].as_str(), item["backup-time"].as_i64())
1861 {
1862 if let Ok(snapshot) = BackupDir::new(backup_type, backup_id, backup_time) {
1863 result.push(snapshot.relative_path().to_str().unwrap().to_owned());
1864 }
1865 }
1866 }
1867 }
1868
1869 result
1870 }
1871
1872 fn complete_server_file_name(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1873 proxmox_backup::tools::runtime::main(async { complete_server_file_name_do(param).await })
1874 }
1875
1876 async fn complete_server_file_name_do(param: &HashMap<String, String>) -> Vec<String> {
1877
1878 let mut result = vec![];
1879
1880 let repo = match extract_repository_from_map(param) {
1881 Some(v) => v,
1882 _ => return result,
1883 };
1884
1885 let snapshot: BackupDir = match param.get("snapshot") {
1886 Some(path) => {
1887 match path.parse() {
1888 Ok(v) => v,
1889 _ => return result,
1890 }
1891 }
1892 _ => return result,
1893 };
1894
1895 let query = tools::json_object_to_query(json!({
1896 "backup-type": snapshot.group().backup_type(),
1897 "backup-id": snapshot.group().backup_id(),
1898 "backup-time": snapshot.backup_time(),
1899 })).unwrap();
1900
1901 let path = format!("api2/json/admin/datastore/{}/files?{}", repo.store(), query);
1902
1903 let data = try_get(&repo, &path).await;
1904
1905 if let Some(list) = data.as_array() {
1906 for item in list {
1907 if let Some(filename) = item["filename"].as_str() {
1908 result.push(filename.to_owned());
1909 }
1910 }
1911 }
1912
1913 result
1914 }
1915
1916 fn complete_archive_name(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1917 complete_server_file_name(arg, param)
1918 .iter()
1919 .map(|v| tools::format::strip_server_file_extension(&v))
1920 .collect()
1921 }
1922
1923 pub fn complete_pxar_archive_name(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1924 complete_server_file_name(arg, param)
1925 .iter()
1926 .filter_map(|name| {
1927 if name.ends_with(".pxar.didx") {
1928 Some(tools::format::strip_server_file_extension(name))
1929 } else {
1930 None
1931 }
1932 })
1933 .collect()
1934 }
1935
1936 pub fn complete_img_archive_name(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1937 complete_server_file_name(arg, param)
1938 .iter()
1939 .filter_map(|name| {
1940 if name.ends_with(".img.fidx") {
1941 Some(tools::format::strip_server_file_extension(name))
1942 } else {
1943 None
1944 }
1945 })
1946 .collect()
1947 }
1948
1949 fn complete_chunk_size(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
1950
1951 let mut result = vec![];
1952
1953 let mut size = 64;
1954 loop {
1955 result.push(size.to_string());
1956 size *= 2;
1957 if size > 4096 { break; }
1958 }
1959
1960 result
1961 }
1962
1963 fn complete_auth_id(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1964 proxmox_backup::tools::runtime::main(async { complete_auth_id_do(param).await })
1965 }
1966
1967 async fn complete_auth_id_do(param: &HashMap<String, String>) -> Vec<String> {
1968
1969 let mut result = vec![];
1970
1971 let repo = match extract_repository_from_map(param) {
1972 Some(v) => v,
1973 _ => return result,
1974 };
1975
1976 let data = try_get(&repo, "api2/json/access/users?include_tokens=true").await;
1977
1978 if let Ok(parsed) = serde_json::from_value::<Vec<UserWithTokens>>(data) {
1979 for user in parsed {
1980 result.push(user.userid.to_string());
1981 for token in user.tokens {
1982 result.push(token.tokenid.to_string());
1983 }
1984 }
1985 };
1986
1987 result
1988 }
1989
1990 use proxmox_backup::client::RemoteChunkReader;
1991 /// This is a workaround until we have cleaned up the chunk/reader/... infrastructure for better
1992 /// async use!
1993 ///
1994 /// Ideally BufferedDynamicReader gets replaced so the LruCache maps to `BroadcastFuture<Chunk>`,
1995 /// so that we can properly access it from multiple threads simultaneously while not issuing
1996 /// duplicate simultaneous reads over http.
1997 pub struct BufferedDynamicReadAt {
1998 inner: Mutex<BufferedDynamicReader<RemoteChunkReader>>,
1999 }
2000
2001 impl BufferedDynamicReadAt {
2002 fn new(inner: BufferedDynamicReader<RemoteChunkReader>) -> Self {
2003 Self {
2004 inner: Mutex::new(inner),
2005 }
2006 }
2007 }
2008
2009 impl ReadAt for BufferedDynamicReadAt {
2010 fn start_read_at<'a>(
2011 self: Pin<&'a Self>,
2012 _cx: &mut Context,
2013 buf: &'a mut [u8],
2014 offset: u64,
2015 ) -> MaybeReady<io::Result<usize>, ReadAtOperation<'a>> {
2016 MaybeReady::Ready(tokio::task::block_in_place(move || {
2017 let mut reader = self.inner.lock().unwrap();
2018 reader.seek(SeekFrom::Start(offset))?;
2019 Ok(reader.read(buf)?)
2020 }))
2021 }
2022
2023 fn poll_complete<'a>(
2024 self: Pin<&'a Self>,
2025 _op: ReadAtOperation<'a>,
2026 ) -> MaybeReady<io::Result<usize>, ReadAtOperation<'a>> {
2027 panic!("LocalDynamicReadAt::start_read_at returned Pending");
2028 }
2029 }
2030
2031 fn main() {
2032
2033 let backup_cmd_def = CliCommand::new(&API_METHOD_CREATE_BACKUP)
2034 .arg_param(&["backupspec"])
2035 .completion_cb("repository", complete_repository)
2036 .completion_cb("backupspec", complete_backup_source)
2037 .completion_cb("keyfile", tools::complete_file_name)
2038 .completion_cb("chunk-size", complete_chunk_size);
2039
2040 let benchmark_cmd_def = CliCommand::new(&API_METHOD_BENCHMARK)
2041 .completion_cb("repository", complete_repository)
2042 .completion_cb("keyfile", tools::complete_file_name);
2043
2044 let upload_log_cmd_def = CliCommand::new(&API_METHOD_UPLOAD_LOG)
2045 .arg_param(&["snapshot", "logfile"])
2046 .completion_cb("snapshot", complete_backup_snapshot)
2047 .completion_cb("logfile", tools::complete_file_name)
2048 .completion_cb("keyfile", tools::complete_file_name)
2049 .completion_cb("repository", complete_repository);
2050
2051 let list_cmd_def = CliCommand::new(&API_METHOD_LIST_BACKUP_GROUPS)
2052 .completion_cb("repository", complete_repository);
2053
2054 let snapshots_cmd_def = CliCommand::new(&API_METHOD_LIST_SNAPSHOTS)
2055 .arg_param(&["group"])
2056 .completion_cb("group", complete_backup_group)
2057 .completion_cb("repository", complete_repository);
2058
2059 let forget_cmd_def = CliCommand::new(&API_METHOD_FORGET_SNAPSHOTS)
2060 .arg_param(&["snapshot"])
2061 .completion_cb("repository", complete_repository)
2062 .completion_cb("snapshot", complete_backup_snapshot);
2063
2064 let garbage_collect_cmd_def = CliCommand::new(&API_METHOD_START_GARBAGE_COLLECTION)
2065 .completion_cb("repository", complete_repository);
2066
2067 let restore_cmd_def = CliCommand::new(&API_METHOD_RESTORE)
2068 .arg_param(&["snapshot", "archive-name", "target"])
2069 .completion_cb("repository", complete_repository)
2070 .completion_cb("snapshot", complete_group_or_snapshot)
2071 .completion_cb("archive-name", complete_archive_name)
2072 .completion_cb("target", tools::complete_file_name);
2073
2074 let files_cmd_def = CliCommand::new(&API_METHOD_LIST_SNAPSHOT_FILES)
2075 .arg_param(&["snapshot"])
2076 .completion_cb("repository", complete_repository)
2077 .completion_cb("snapshot", complete_backup_snapshot);
2078
2079 let prune_cmd_def = CliCommand::new(&API_METHOD_PRUNE)
2080 .arg_param(&["group"])
2081 .completion_cb("group", complete_backup_group)
2082 .completion_cb("repository", complete_repository);
2083
2084 let status_cmd_def = CliCommand::new(&API_METHOD_STATUS)
2085 .completion_cb("repository", complete_repository);
2086
2087 let login_cmd_def = CliCommand::new(&API_METHOD_API_LOGIN)
2088 .completion_cb("repository", complete_repository);
2089
2090 let logout_cmd_def = CliCommand::new(&API_METHOD_API_LOGOUT)
2091 .completion_cb("repository", complete_repository);
2092
2093 let version_cmd_def = CliCommand::new(&API_METHOD_API_VERSION)
2094 .completion_cb("repository", complete_repository);
2095
2096 let change_owner_cmd_def = CliCommand::new(&API_METHOD_CHANGE_BACKUP_OWNER)
2097 .arg_param(&["group", "new-owner"])
2098 .completion_cb("group", complete_backup_group)
2099 .completion_cb("new-owner", complete_auth_id)
2100 .completion_cb("repository", complete_repository);
2101
2102 let cmd_def = CliCommandMap::new()
2103 .insert("backup", backup_cmd_def)
2104 .insert("upload-log", upload_log_cmd_def)
2105 .insert("forget", forget_cmd_def)
2106 .insert("garbage-collect", garbage_collect_cmd_def)
2107 .insert("list", list_cmd_def)
2108 .insert("login", login_cmd_def)
2109 .insert("logout", logout_cmd_def)
2110 .insert("prune", prune_cmd_def)
2111 .insert("restore", restore_cmd_def)
2112 .insert("snapshots", snapshots_cmd_def)
2113 .insert("files", files_cmd_def)
2114 .insert("status", status_cmd_def)
2115 .insert("key", key::cli())
2116 .insert("mount", mount_cmd_def())
2117 .insert("map", map_cmd_def())
2118 .insert("unmap", unmap_cmd_def())
2119 .insert("catalog", catalog_mgmt_cli())
2120 .insert("task", task_mgmt_cli())
2121 .insert("version", version_cmd_def)
2122 .insert("benchmark", benchmark_cmd_def)
2123 .insert("change-owner", change_owner_cmd_def);
2124
2125 let rpcenv = CliEnvironment::new();
2126 run_cli_command(cmd_def, rpcenv, Some(|future| {
2127 proxmox_backup::tools::runtime::main(future)
2128 }));
2129 }
Proxmox Backup Server and Client